556 matches found
SUSE CVE-2026-46146
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
Linux Distros Unpatched Vulnerability : CVE-2026-46146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to valida...
CVE-2026-46146
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture usb-audio subsystem. This vulnerability exists in the convertchmapv3 function, where the csdesc-wLength value is not properly validated. A malicious actor could provide a specially crafted, malformed USB audio descripto...
CVE-2026-46146
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
UBUNTU-CVE-2026-46146
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
CVE-2026-46146
In the Linux kernel’s ALSA usb-audio driver, the convert_chmap_v3() loop used cs_desc->wLength as the increment without validating the length, which may cause an endless loop on malformed descriptors. A proper size check was added to abort the loop, mitigating the issue. Affected component: Li...
CVE-2026-46146 ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3()
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
CVE-2026-46146
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
SUSE CVE-2026-46018
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ALSA usb-audio library’s convertchmapv3 function not verifying the csdesc-wLength value,...
PT-2026-44269
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert chmap v3 The convert chmap v3 has a loop with its increment size of cs desc-wLength, but we forgot to validate cs desc-wLength itself, which may lead to potential endless...
CVE-2026-46018
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. A malicious Universal Serial Bus USB audio device could send a malformed Universal Audio Class 2 UAC2 RANGE response. This could cause the system to repeatedly print error messages and potentially lead...
CVE-2026-46018
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...
UBUNTU-CVE-2026-46018
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...
CVE-2026-46018
In the Linux kernel ALSA USB audio path, the vulnerability arises from parse_uac2_sample_rate_range() capping the number of enumerated UAC2 sample rates at MAX_NR_RATES but only exiting the inner loop. A malformed UAC2 RANGE response with extra triplets can continue parsing, causing repeated "inv...
CVE-2026-46018
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...
PT-2026-43885
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA USB audio component where the parse uac2 sample rate range function fails to fully terminate parsing when the number of enumerated rates reaches MAX NR RATES...
Linux Distros Unpatched Vulnerability : CVE-2026-46018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the...
CVE-2026-46018
ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential memory leaks When the driver encounters -ENOMEM while allocating a URB or a buffer, it abends and proceeds to the error handling path, releasing all previously allocated resources. However, when...